Date:      Thu, 22 Apr 2004 01:28:20 -0500 (CDT)
From:      Mike Silbersack <silby@silby.com>
To:        Don Lewis <truckman@FreeBSD.org>
Cc:        jayanth@yahoo-inc.com
Subject:   Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)
Message-ID:  <20040422012305.Y19921@odysseus.silby.com>
In-Reply-To: <200404212331.i3LNVE7E047907@gw.catspoiler.org>
References:  <200404212331.i3LNVE7E047907@gw.catspoiler.org>


On Wed, 21 Apr 2004, Don Lewis wrote:

> On 21 Apr, Mike Silbersack wrote:
> > Do you have access to a system that exhibits the "RST at end of window"
> > syndrome so that you could code up and test out this part of the patch?
>
> Nope.  The only report of this that I saw was from jayanth.  Judging by
> the tcpdump timestamps, it looks like whatever this weird piece of
> hardware was, it was nearby.

Something just occurred to me... we can just lump the "RST at end of
window" case into the whole "RST somewhere in the window" case.  In that
way, we only need two cases:

1.  RSTs exactly at last_ack_sent (always accepted)

2.  Everything else in the window (only accepted if "not under attack".)

I could code up and test this over the weekend, if it sounds like a
solution we're willing to go with.

Mike "Silby" Silbersack
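
The two-case policy proposed in this message, sketched as an added example (not code from the message or from FreeBSD's TCP stack). Only `last_ack_sent` comes from the message; the struct, the function names, and the "under attack" heuristic (a per-second count of out-of-window RSTs) are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum rst_verdict { RST_DROP, RST_ACCEPT };

#define RST_MISS_LIMIT 4      /* assumed: out-of-window RSTs tolerated per second */

struct conn {                 /* hypothetical per-connection state */
    uint32_t last_ack_sent;   /* left edge of the receive window */
    uint32_t rcv_wnd;         /* receive window size in bytes */
    uint32_t miss_count;      /* assumed: out-of-window RSTs seen this second */
    uint32_t miss_epoch;      /* assumed: the second miss_count belongs to */
};

/* Wraparound-safe test for seq in [start, start + len). */
static bool seq_in_window(uint32_t seq, uint32_t start, uint32_t len)
{
    return (uint32_t)(seq - start) < len;
}

/* Assumed heuristic: many misses in the current second means someone is
 * sweeping the sequence space. The counter restarts each second. */
static bool under_attack(struct conn *c, uint32_t now)
{
    if (now != c->miss_epoch) { c->miss_epoch = now; c->miss_count = 0; }
    return c->miss_count >= RST_MISS_LIMIT;
}

enum rst_verdict check_rst(struct conn *c, uint32_t seq, uint32_t now)
{
    bool attacked = under_attack(c, now);
    if (seq == c->last_ack_sent)          /* case 1: always accepted */
        return RST_ACCEPT;
    if (!seq_in_window(seq, c->last_ack_sent, c->rcv_wnd)) {
        c->miss_count++;                  /* outside the window: never valid */
        return RST_DROP;
    }
    /* case 2: anywhere else in the window, end of window included */
    return attacked ? RST_DROP : RST_ACCEPT;
}

int main(void)
{
    struct conn c = { 0xFFFFFF00u, 0x1000u, 0, 0 };   /* constructed values */
    printf("exact=%d in-window=%d\n", check_rst(&c, 0xFFFFFF00u, 1),
           check_rst(&c, 0x00000EFFu, 1));
    return 0;
}
```
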
